The Cyberlaw Podcast – Interview with Tim Maurer

Episode 200: In which we turn fitness tracking into an entirely new 702 intelligence program

Whether they call it the fitbit or the “Ohsh*t!bit” governments are learning that the exercise internet of things is giving away their geospatial secrets at a rapid clip. Nick Weaver walks us through what most in the US would call a security disaster – and how it could become an intelligence bonanza. As an example of what can be done, Jeffrey Lewis highlights Taiwan’s secret cruise missile command center.

Of course, as soon as authoritarian governments learn to use fitbits to oppress their people, we can expect the European Union and the Wassenaar export control group to slap export controls on them. Meredith Rathbone reports on the effort to persuade Europe and Wassenaar not to throw the security industry out with the intrusion software. Turns out that progress is being made on both fronts.

Nick and I talk through the latest stories on Russian cyberspying. Meduza and Buzzfeed have a persuasive and dispiriting story about how Eugene Kaspersky might have been forced to cooperate with the Russian FSB. Looking at questions being raised about US firms allowing the Russians to inspect their source code, we conclude that Balkanization of cybersecurity products is a near certainty, with the only question being how many markets there will be.

Speaking of Russia, the Dutch, not prominent among hacking intelligence agencies until now, have apparently counted cybercoup on the Russians.

Meredith and I dig into the latest round in the European Court of Justice between Max Schrems and Facebook. We call it a draw, with special props to Facebook for creativity in arguing that Schrems is no longer a consumer because he’s obviously turned suing Facebook into a profession.

Finally, in the interview, we talk to Tim Maurer, co-director of the Cyber Policy Initiative and author of the new book, “Cyber Mercenaries – The State, Hackers, and Power.” Tim tells us the hidden story behind his book’s title and then jumps into a fascinating comparative study of how different governments try to control (or don’t) the hackers they recruit. Because it turns out that they all recruit hackers, just in very different ways. Tim points out an increasing fad for having hackers from one country move to another country to ply their trade. (North Koreans to China; Chinese to Africa) and the additional deterrence options this offers the US government.

Steptoe partner Stewart Baker with Tim Maurer

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Stewart Baker

Stewart served as the first Assistant Secretary for Policy at the Department of Homeland Security where he set cybersecurity policy, including inward investment reviews focused on network security. More

About This Blog

Steptoe Cyberblog, with its sometimes contrasting insights, serves up opinionated and provocative thoughts on the issues — especially cybersecurity and privacy — that arise at the intersection of law, information technology, and security.

Stay Connected To Steptoe

About Steptoe

Steptoe & Johnson LLP is an international law firm widely recognized for vigorous advocacy in complex litigation and arbitration, successful representation of clients before governmental agencies, and creative and practical advice in guiding business transactions. The firm has more than 500 lawyers and other professionals in offices in Beijing, Brussels, Chicago, London, Los Angeles, New York, Phoenix, San Francisco and Washington. For more information, visit the Steptoe website www.steptoe.com or contact us directly by visiting our Contact Page.